Time until
Version 4.0 required for reporting
0
0
0
0
Days
0
0
Hrs
0
0
Min
0
0
Sec

What’s New in Version 4?

There’s a lot of new things in version 4. In fact, there are 64 new requirements that you might be looking at by 31 March 2025.

0
New Requirements for Merchants
0
New Requirements for Service Providers
0
New Requirements Applicable When You Use v4 (by March 2024)
0
New Requirements in Full Force 31 March 2025

Along with new requirements, version 4 brings extended guidance as part of the Standard itself. Overall, the length of the Standard increases from 139 pages to 360 pages. But what this really means is that in addition to the requirements it also has:

  • Customised approach objectives if you’re doing a RoC and looking at a customised testing approach
  • Applicability notes to explain how the requirement applies to people, processes, or systems when further clarification is needed
  • Information about the purpose / objective of each requirement
  • Recommendations for good practice
  • Further sources of information
  • Definitions of key terms

The Security Standards Council has put a lot of work into adding as much clarification and help as possible to the Standard.

Need Help?

Whether you’re using PCI DSS v3.2.1 or v4.0 we always work to help make sure that you can understand the Standard and work to help see how we can fit your processes into the Standard. Talk to us to see how we can help you.